Commit cb83cb9f authored by seb's avatar seb

tp function with esp fixed

parent 13a45b2c
+13 −7
@@ -85,15 +85,21 @@
//	external function fx_encrypt( EncryptionAlgo p_encryptionAlgo, in octetstring p_key, in octetstring p_message) 
//	return octetstring;

	external function fx_encryptModularIpPacket( 	in IpSecProtocolMode p_ipSecProtocolMode,
	external function fx_encrypt( 	in IpSecProtocolMode p_ipSecProtocolMode,
									in EncryptionAlgo p_encryptionAlgo,
									in octetstring p_key,
													in ModularIpv6Packet p_message,
									in PlaintextData p_plaintextData,
									out EncryptResult p_encryptResult) 
	return FncRetCode;

	external function fx_decryptEspPayload( in UInt8 p_ivLength, in UInt8 p_icvLength, in IpSecProtocolMode p_ipSecProtocolMode, EncryptionAlgo p_encryptionAlgo, in octetstring p_key, in octetstring p_message) 
	return DecryptedEspHeaderData;
	external function fx_decrypt( 	in UInt8 p_ivLength, 
									in UInt8 p_icvLength, 
									in IpSecProtocolMode p_ipSecProtocolMode, 
									in EncryptionAlgo p_encryptionAlgo, 
									in octetstring p_key,
									in octetstring p_encryptedMsg,
									out PlaintextData p_plaintextData) 
	return FncRetCode;
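Review bot: The new `fx_decrypt` declaration takes `p_icvLength` but no integrity algorithm or integrity key, and nothing here states whether the adapter verifies the ICV or only strips it, nor which `FncRetCode` a failed check produces. Callers that treat `e_success` as "authenticated and decrypted" depend on that contract, so it belongs in a comment above the declaration, for example `// @desc Decrypts an ESP payload. State here whether the ICV is verified and which FncRetCode is returned when verification fails.` The commented-out `fx_encrypt` signature at the top of the hunk now shares its name with the live declaration but not its parameters, and would be better deleted than left as a second, conflicting signature.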



+8 −17
@@ -415,9 +415,7 @@ group rfc4303Esp_ExtHdrFunctions {

	function f_buildEspExtHdr(	
			in Sa p_sa,
			in template Ipv6Header p_ipv6Header,
			in template ExtensionHeaderList p_extensionHeaderList,
			in template Ipv6Payload p_ipv6Payload,
			in PlaintextData p_plaintextData,
			out ExtensionHeader p_extensionHeader)
	runs on LibIpv6Node
	return FncRetCode {
@@ -427,18 +425,11 @@ group rfc4303Esp_ExtHdrFunctions {
		var FncRetCode v_ret := e_error;
		var octetstring v_padding := c_1ZeroByte;

		// Build espPayloadData
		var ModularIpv6Packet v_modularIpv6Packet := {
			ipv6Hdr := valueof(p_ipv6Header),
			extHdrList  := valueof(p_extensionHeaderList),
			ipv6Payload := valueof(p_ipv6Payload)
		}

		// Encrypt espPayloadData
		v_ret := fx_encryptModularIpPacket(	p_sa.ipSecProtocolMode,
		v_ret := fx_encrypt(	p_sa.ipSecProtocolMode,
								p_sa.espEncryptionAlgo,
								p_sa.espEncryptionKey,
										v_modularIpv6Packet,
								p_plaintextData,
								v_encryptResult);
		if ( v_ret != e_success ) {return v_ret;}
	
@@ -477,7 +468,7 @@ group rfc4303Esp_ExtHdrFunctions {
		}

		// Assign Plaintext EspPayload
		v_espHdr.espPayloadData.plaintextData := v_modularIpv6Packet;
		v_espHdr.espPayloadData.plaintextData := p_plaintextData;
		p_extensionHeader := {espHeader := v_espHdr};

		return e_success;
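Review bot: In the last hunk, `v_espHdr.espPayloadData.plaintextData := p_plaintextData` selects the plaintext variant of the `EspPayloadData` union, so the header returned by f_buildEspExtHdr carries cleartext and the output of `fx_encrypt` is not visibly placed in the payload. The lines between the hunks are not shown, so `v_encryptResult` may well be consumed there and the codec or test adapter may encrypt on send. If that is the design, it should be stated next to the assignment, for example `// payload is kept in plaintext form here; the codec/test adapter encrypts it on send using the SA`. Without such a comment the function reads as if it produced an encrypted header.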
+30 −3
@@ -797,10 +797,37 @@ group rfc4303Esp_ExtHdrTemplates {
		icv := omit
	}

	template ExtensionHeader mw_extHdr_espHeader := {
		espHeader := ? //TODO expand this
	template ExtensionHeader mw_extHdr_espHeader(	in UInt32 p_securityParametersIndex,
													in UInt32 p_sequenceNumber,
													in template PlaintextData p_plaintextData,
													in UInt8 p_nextHdr) := {
		espHeader := {
			// Header
			securityParametersIndex := 0,
			sequenceNumber := 0,		
			// Payload
			iv := *,
			espPayloadData := {plaintextData:= p_plaintextData},
			tfcPadding := *,
			// Trailer
			padding := *,
			padLength := ?,
			nextHdr := p_nextHdr,
			icv := *
		}
	}
	
}//end group rfc4303Esp_ExtHdrTemplates

group cryptoTemplates {
	
	template PlaintextData m_plaintextData (in template ExtensionHeaderList p_extensionHeaderList,
											in template Ipv6Payload p_ipv6Payload) := {
		extHdrList := p_extensionHeaderList,
		ipv6Payload := p_ipv6Payload
	}
	
	
}//end group cryptoTemplates

} // end module LibIpv6_Interface_Templates
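Review bot: The parameterised `mw_extHdr_espHeader` accepts `p_securityParametersIndex` and `p_sequenceNumber` but never uses them; the body still hard-codes `securityParametersIndex := 0` and `sequenceNumber := 0`. As a receive template it therefore matches only ESP headers with SPI 0 and sequence number 0, so the SA's SPI and the expected sequence number passed by the caller in LibIpv6_Rfc3775Mipv6_Functions are never checked. The two fields should read `securityParametersIndex := p_securityParametersIndex,` and `sequenceNumber := p_sequenceNumber,`.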
+27 −37
@@ -173,28 +173,6 @@ group ipv6Packet {

}//end group ipv6Packet

group secPayload {

		//TODO move that
		type record IntegrityResult {
			octetstring icv optional	
		}

		/*
		 * @desc PDU type to be used when building ESP payload for encryption
		*/
		//TODO as well possibe to delete this type and make Ipv6Packet.ipv6Hdr optional
		type record ModularIpv6Packet {
			Ipv6Header			ipv6Hdr optional,//TODO check if deletion of Ipv6Header is better
			ExtensionHeaderList extHdrList optional,
			Ipv6Payload			ipv6Payload optional
	    }
		with {
			encode "TODO";
		}
	
}//end group secPayload

group rfc2460Root_TypesAndValues {
	
		group ipv6Header {
@@ -770,29 +748,41 @@ group rfc4303Esp_ExtHdrTypesAndValues {
		with {
	        encode "TODO";
	    }
		//Transport mode : no IPv6Header and no tfcPadding
		//Tunnel mode : IPv6Header and maybe tfcPadding (use payloadLength to calc total length)

		type union EspPayloadData {
			octetstring		  	encryptedData,
			ModularIpv6Packet plaintextData
			PlaintextData		plaintextData
		}

		type record DecryptedEspHeaderData {
			octetstring		iv optional,// depends on enc-algo
			octetstring 	espPayloadData,// depends on enc-algo
			Oct1to255		tfcPadding optional,// only present in tunnelMode, depends on enc-algo
			Oct1to255		padding optional, //use padLength
			UInt8			padLength,//OK
			UInt8			nextHdr,//OK
			octetstring		icv optional//length is defined by integrity-algo 
		/*
		 * @desc PDU type to be used when building ESP payload for encryption/decryption
		*/
		type record PlaintextData {
			ExtensionHeaderList extHdrList optional,
			Ipv6Payload			ipv6Payload optional
	    }
		with {
			encode "TODO";
		}
	
		//Transport mode : no IPv6Header and no tfcPadding
		//Tunnel mode : IPv6Header and maybe tfcPadding (use payloadLength to calc total length)


}//end group rfc4303Esp_ExtHdrTypesAndValues

} // end extensionHeaders

group cryptoTypes {

		type record IntegrityResult {
			octetstring icv optional	
		}

}//end group cryptoTypes


group integrityTypes {
	
	
}//end group integrityTypes

} // end module LibIpv6_Interface_TypesAndValues
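Review bot: The new `PlaintextData` record drops the `ipv6Hdr` field that the removed `ModularIpv6Packet` had, yet the comment kept right below it still says tunnel mode carries an IPv6Header. As declared, the type cannot represent the inner IP header of a tunnel-mode ESP payload, while `fx_encrypt` and `fx_decrypt` still take an `IpSecProtocolMode`. Either keep `Ipv6Header ipv6Hdr optional,` as the first field, or change the comment to say that `PlaintextData` covers transport mode only and tunnel mode is not yet supported. The `encode "TODO"` attribute on the type and the empty `integrityTypes` group are also placeholders that deserve a tracking note.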
+47 −41
@@ -227,7 +227,7 @@ module LibIpv6_Rfc3775Mipv6_Functions {
	 * @param p_seqNr Seq Nr of Binding Update
 	 * @param p_timeUnits Lifetiem of Binding Update
	*/
	function f_sendBindUpAndWaitForBindAckOffHome_espTransportMode(	in template Ipv6Address p_mnCoaTn,
	function f_sendBindUpAndWaitForBindAckOffHome_esp(	in template Ipv6Address p_mnCoaTn,
													in template Ipv6Address p_mnHoaTn,
													in template Ipv6Address p_haGlaNut,
													in UInt16 p_seqNr,
@@ -239,8 +239,9 @@ module LibIpv6_Rfc3775Mipv6_Functions {
		var Ipv6Packet v_ipv6Packet;
		var ExtensionHeader v_extHdr_espHeader;

		v_ret := f_buildEspExtHdr( 	vc_sad[0],
									omit,
		// Build espPayloadData
		var PlaintextData v_plaintextData := valueof(
				m_plaintextData(
					m_extHdrList_1Elem(
						m_extHdr_mipHeader (
							c_noNextHdr,
@@ -255,7 +256,10 @@ module LibIpv6_Rfc3775Mipv6_Functions {
								m_mipOptList_2Elem(
									m_mipOpt_padN(m_optPad2),
									m_mipOpt_altCoa(m_mipOptAltCoA(p_mnCoaTn)))))),
									omit,
					omit) );

		v_ret := f_buildEspExtHdr( 	vc_sad[0],
									v_plaintextData,
									v_extHdr_espHeader);
		if ( v_ret != e_success ) {return v_ret;}

@@ -273,28 +277,29 @@ module LibIpv6_Rfc3775Mipv6_Functions {
		if ( v_ret != e_success ) {return v_ret;}
		tc_ac.start;
		alt {
			[]	ipPort.receive(mw_generalIpv6_extHdr_noData(	c_routeHdr,
			//the test adapter process consists of decrypt and integrity check
			[]	ipPort.receive(mw_generalIpv6_extHdr_noData(
									c_routeHdr,
									p_haGlaNut,
									p_mnCoaTn,
									m_extHdrList_2Elem(
													mw_extHdr_routingHeader(	c_mipHdr,
										mw_extHdr_routingHeader(	
											c_espHdr,
											c_routeHdrLen2,
											c_routeHdrType2,
											c_routeHdrSegmentsLeft1,
											m_routingHeaderData_homeAddress(p_mnHoaTn)),
													mw_extHdr_espHeader))) -> value  v_ipv6Packet {

					
					//TODO check Integrity
					//TODO correct this
//					var DecryptedEspHeaderData v_decryptedEspHeaderData := fx_decryptEspPayload(
//																			1,//IvLength TODO make hashmap to map length to algo,
//																			2,//IcvLength,
//																			e_transportMode,//TODO check if Pixit or vc_sad[0].ipSecProtocolMode,
//																			vc_sad[0].espEncryptionAlgo,
//																			vc_sad[0].espEncryptionKey,
//																			v_ipv6Packet.extHdrList[1].espHeader_rcv.espHeaderData );
//
										mw_extHdr_espHeader(
											vc_sad[0].securityParametersIndex,
											vc_sad[0].sequenceNumber + 1,
											m_plaintextData(
												m_extHdrList_1Elem(
													mw_extHdr_mipHeader(
														c_noNextHdr,
														c_bindingAck,
														mw_bindingAck(p_seqNr) ) ),
												omit),
											c_mipHdr ) ) ) )-> value  v_ipv6Packet {
					tc_ac.stop;	
					v_ret := e_success ;
				}
@@ -311,7 +316,8 @@ module LibIpv6_Rfc3775Mipv6_Functions {
																			c_bindingAck,
																			mw_bindingAck(p_seqNr))))) {
					tc_ac.stop;	
					v_ret := e_success ;
					v_ret := e_error ;
					log("**** f_sendBindUpAndWaitForBindAckOffHome_espTunnelMode: ERROR: No encrypted message received **** ");
				}
			[]	tc_ac.timeout{
					v_ret :=  e_timeout;
@@ -321,7 +327,7 @@ module LibIpv6_Rfc3775Mipv6_Functions {

		return v_ret;

	}//end f_sendBindUpAndWaitForBindAckOffHome_espTunnelMode
	}//end f_sendBindUpAndWaitForBindAckOffHome_esp

	/*
	 * @desc  Test Node is Off Home and sends BindUpdate and waits for Binding Ack
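Review bot: The log string added in the unencrypted-BindAck branch names `f_sendBindUpAndWaitForBindAckOffHome_espTunnelMode`, but this commit renames the function to `f_sendBindUpAndWaitForBindAckOffHome_esp`, so a failed run points the reader at a function that no longer exists. It should read `log("**** f_sendBindUpAndWaitForBindAckOffHome_esp: ERROR: No encrypted message received **** ");`. Separately, the receive template expects `vc_sad[0].sequenceNumber + 1` from the same SA entry that was used to build the outgoing header. If `vc_sad[0]` is the outbound SA, the peer's counter is independent of it and this expectation needs a comment or an inbound SA entry. The function body extends beyond the hunks shown, so this could not be confirmed from here.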